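ListAuditLogs - Get security audit logs
Last updated: 2024.07.16 01:01:42. First published: 2024.07.16 01:01:42.

Queries and audits security-related events. The events that can currently be audited are SshLogin (SSH logins to the security sandbox), ContainerLogin (local logins to the security sandbox), and AbnormalConnection (abnormal outbound network connections from the security sandbox).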


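Request parameters

The table below lists only the request parameters specific to this API and some of the common parameters. For more information, see Common Parameters.

| Parameter | Type | Required | Example | Description |
|---|---|---|---|---|
| Action | String | | ListAuditLogs | The operation to perform. Value: ListAuditLogs. |
| Version | String | | 2024-01-01 | The API version. Value: 2024-01-01. |
| ResourceId | String | | ep-**************-***** | The resource ID. Values: ep-**************-***** (inference endpoint); mcj-**************-***** (model fine-tuning job). |
| ResourceType | String | | endpoint | The resource type. Values: endpoint (inference endpoint); modelcustomizationjob (model fine-tuning job). |
| Filter | Object | | - | Filter conditions for the audit logs to query. |
| PageNumber | Integer | | 1 | The starting page number for a paginated query. Starts at 1; the default is 1. |
| PageSize | Integer | | 10 | The number of records per page for a paginated query. Minimum: 1; maximum: 100; default: 10. |
| SortBy | String | | Timestamp | The sort key. Allowed values: Timestamp (the time at which the audited action occurred). Default: Timestamp. |
| SortOrder | String | | Desc | The sort order. Allowed values: Asc (ascending); Desc (descending). Default: Desc. |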

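Response parameters

The table below lists only the response parameters specific to this API. For more information, see Response Structure.

| Parameter | Type | Example | Description |
|---|---|---|---|
| TotalCount | Integer | 1 | The total number of audit logs. |
| PageNumber | Integer | 1 | The starting page number for a paginated query. Starts at 1; the default is 1. |
| PageSize | Integer | 10 | The number of records per page for a paginated query. Minimum: 1; maximum: 100; default: 10. |
| Items | Array of Object | - | The audit logs. |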

Request example 1

Audits SshLogin events.

POST /?Action=ListAuditLogs&Version=2024-01-01 HTTP/1.1
Host: open.volcengineapi.com
Content-Type: application/json; charset=UTF-8
X-Date: 20240627T021205Z
X-Content-Sha256: 287e874e******d653b44d21e
Authorization: HMAC-SHA256 Credential=Adfks******wekfwe/20240627/cn-beijing/ark/request, SignedHeaders=host;x-content-sha256;x-date, Signature=47a7d934ff7b37c03938******cd7b8278a40a1057690c401e92246a0e41085f

{
  "ResourceId": "ep-**************-*****",
  "ResourceType": "endpoint",
  "Filter": {
    "LogTypes": [
      "SshLogin"
    ]
  },
  "PageNumber": 1,
  "PageSize": 10,
  "SortBy": "Timestamp",
  "SortOrder": "Desc"
}

Response example 1

{
  "ResponseMetadata": {
    "RequestId": "20240627101238231161005082456C1E",
    "Action": "ListAuditLogs",
    "Version": "2024-01-01",
    "Service": "ark",
    "Region": "cn-beijing"
  },
  "Result": {
    "TotalCount": 1,
    "PageNumber": 1,
    "PageSize": 10,
    "Items": [
      {
        "ResourceId": "ep-**************-*****",
        "ResourceType": "endpoint",
        "LogType": "SshLogin",
        "LogDetail": "172.17.0.1 50030 172.17.0.4 22",
        "Timestamp": "2024-05-16T12:00:00Z"
      }
    ]
  }
}

Request example 2

Audits ContainerLogin events.

POST /?Action=ListAuditLogs&Version=2024-01-01 HTTP/1.1
Host: open.volcengineapi.com
Content-Type: application/json; charset=UTF-8
X-Date: 20240705T123158Z
X-Content-Sha256: 287e874e******d653b44d21e
Authorization: HMAC-SHA256 Credential=Adfks******wekfwe/20240705/cn-beijing/ark/request, SignedHeaders=host;x-content-sha256;x-date, Signature=47a7d934ff7b37c03938******cd7b8278a40a1057690c401e92246a0e41085f

{
  "ResourceId": "ep-**************-*****",
  "ResourceType": "endpoint",
  "Filter": {
    "LogTypes": [
      "ContainerLogin"
    ]
  },
  "PageNumber": 1,
  "PageSize": 10,
  "SortBy": "Timestamp",
  "SortOrder": "Desc"
}

Response example 2

{
  "ResponseMetadata": {
    "RequestId": "2024070520320624805701201829AFC4",
    "Version": "2024-01-01",
    "Service": "ark",
    "Region": "cn-beijing"
  },
  "Result": {
    "TotalCount": 1,
    "PageNumber": 1,
    "PageSize": 10,
    "Items": [
      {
        "ResourceId": "ep-**************-*****",
        "ResourceType": "endpoint",
        "LogType": "ContainerLogin",
        "LogDetail": "docker exec -it 29ef24294c46 /bin/sh",
        "Timestamp": "2024-05-16T12:00:00Z"
      }
    ]
  }
}

Request example 3

Audits AbnormalConnection events.

POST /?Action=ListAuditLogs&Version=2024-01-01 HTTP/1.1
Host: open.volcengineapi.com
Content-Type: application/json; charset=UTF-8
X-Date: 20240705T123428Z
X-Content-Sha256: 287e874e******d653b44d21e
Authorization: HMAC-SHA256 Credential=Adfks******wekfwe/20240705/cn-beijing/ark/request, SignedHeaders=host;x-content-sha256;x-date, Signature=47a7d934ff7b37c03938******cd7b8278a40a1057690c401e92246a0e41085f

{
  "ResourceId": "ep-**************-*****",
  "ResourceType": "endpoint",
  "Filter": {
    "LogTypes": [
      "AbnormalConnection"
    ]
  },
  "PageNumber": 1,
  "PageSize": 10,
  "SortBy": "Timestamp",
  "SortOrder": "Desc"
}

Response example 3

{
  "ResponseMetadata": {
    "RequestId": "202407052034340071951971433E0B1D",
    "Version": "2024-01-01",
    "Service": "ark",
    "Region": "cn-beijing"
  },
  "Result": {
    "TotalCount": 1,
    "PageNumber": 1,
    "PageSize": 10,
    "Items": [
      {
        "ResourceId": "ep-**************-*****",
        "ResourceType": "endpoint",
        "LogType": "AbnormalConnection",
        "LogDetail": "172.17.0.1 50030 172.17.0.4 22",
        "Timestamp": "2024-05-16T12:00:00Z"
      }
    ]
  }
}
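
Added example, not part of the original documentation or the vendor's own code: paging through every ListAuditLogs result with the documented PageSize limit and normalizing each item for detection use. The `send` callable (which would sign and POST one request body), the `ep-example` ID, the sample items, and the reading of LogDetail as "source IP, source port, destination IP, destination port" are assumptions; the page shows that string but does not document its layout.

```python
import ipaddress
from datetime import datetime

MAX_PAGE_SIZE = 100  # documented maximum for PageSize

# Constructed sample items (modelled on this page's responses) and a stand-in sender.
_BASE = {"ResourceId": "ep-example", "ResourceType": "endpoint",
         "Timestamp": "2024-05-16T12:00:00Z"}
SAMPLE = [
    {**_BASE, "LogType": "SshLogin", "LogDetail": "172.17.0.1 50030 172.17.0.4 22"},
    {**_BASE, "LogType": "ContainerLogin", "LogDetail": "docker exec -it 29ef24294c46 /bin/sh"},
    {**_BASE, "LogType": "SshLogin", "LogDetail": "not an address tuple"},
]

def fake_send(body):
    start = (body["PageNumber"] - 1) * body["PageSize"]
    return {"Result": {"TotalCount": len(SAMPLE),
                       "Items": SAMPLE[start:start + body["PageSize"]]}}

def build_body(resource_id, resource_type, log_types, page, size):
    if not 1 <= size <= MAX_PAGE_SIZE:
        raise ValueError("PageSize must be between 1 and 100")
    # Asc order keeps already-read pages stable if new events arrive mid-scan.
    return {"ResourceId": resource_id, "ResourceType": resource_type,
            "Filter": {"LogTypes": list(log_types)}, "PageNumber": page,
            "PageSize": size, "SortBy": "Timestamp", "SortOrder": "Asc"}

def iter_audit_logs(send, resource_id, resource_type, log_types, size=MAX_PAGE_SIZE):
    """Yield every item; `send` (hypothetical) posts one body, returns JSON."""
    page = 1
    while True:
        result = send(build_body(resource_id, resource_type, log_types, page, size))["Result"]
        yield from result["Items"]
        if not result["Items"] or page * size >= result["TotalCount"]:
            return
        page += 1

def parse_item(item):
    """Normalize one item; the LogDetail layout is an assumption (see lead-in)."""
    event = {"type": item["LogType"], "resource": item["ResourceId"], "raw": item["LogDetail"],
             "time": datetime.fromisoformat(item["Timestamp"].replace("Z", "+00:00"))}
    parts = item["LogDetail"].split()
    if item["LogType"] in ("SshLogin", "AbnormalConnection") and len(parts) == 4:
        try:  # assumed layout: "src_ip src_port dst_ip dst_port"
            event.update(src=ipaddress.ip_address(parts[0]), src_port=int(parts[1]),
                         dst=ipaddress.ip_address(parts[2]), dst_port=int(parts[3]))
        except ValueError:
            pass  # unexpected layout: keep only the raw string
    return event
```

Items whose LogDetail does not match the assumed layout keep only the `raw` string, so an unparsed record is never dropped from the audit trail.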

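Error codes

The table below lists the error codes related to this API's business logic. For common error codes, see the Common Error Codes document.

| Status code | Error code | Error message | Description |
|---|---|---|---|
| 400 | MissingParameter.{{Parameter}} | The required parameter {{Parameter}} is missing. | A required request parameter is missing. Check the request parameters and retry. |
| 400 | InvalidParameter.{{Parameter}} | The specified parameter {{Parameter}} is invalid. | The request parameter value is invalid. Check the parameter value and retry. |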